1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
|
#!/bin/sh
set -e
declare -i CNT
RDO_RELEASE=kilo
SSH_OPTIONS=(-o StrictHostKeyChecking=no -o GlobalKnownHostsFile=/dev/null -o UserKnownHostsFile=/dev/null)
# RDO Manager expects a stack user to exist, this checks for one
# and creates it if you are root
if ! id stack > /dev/null; then
sudo useradd stack;
sudo echo 'stack ALL=(root) NOPASSWD:ALL' | sudo tee -a /etc/sudoers.d/stack
sudo echo 'Defaults:stack !requiretty' | sudo tee -a /etc/sudoers.d/stack
sudo chmod 0440 /etc/sudoers.d/stack
echo 'Added user stack'
fi
# ensure that I can ssh as the stack user
if ! sudo grep "$(cat ~/.ssh/id_rsa.pub)" /home/stack/.ssh/authorized_keys; then
if ! sudo ls -d /home/stack/.ssh/ ; then
sudo mkdir /home/stack/.ssh
sudo chown stack:stack /home/stack/.ssh
sudo chmod 700 /home/stack/.ssh
fi
USER=$(whoami) sudo sh -c "cat ~$USER/.ssh/id_rsa.pub >> /home/stack/.ssh/authorized_keys"
sudo chown stack:stack /home/stack/.ssh/authorized_keys
fi
# clean up stack user previously build instack disk images
ssh -T -o "StrictHostKeyChecking no" stack@localhost "rm -f instack*.qcow2"
# Yum repo setup for building the undercloud
if ! rpm -q epel-release > /dev/null; then
sudo yum install http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
fi
if ! rpm -q rdo-release > /dev/null; then
sudo yum install -y https://rdoproject.org/repos/openstack-${RDO_RELEASE}/rdo-release-${RDO_RELEASE}.rpm
fi
if ! rpm -q rdo-release > /dev/null && [ "$1" != "-master" ]; then
sudo yum install -y https://rdoproject.org/repos/openstack-${RDO_RELEASE}/rdo-release-${RDO_RELEASE}.rpm
sudo rm -rf /etc/yum.repos.d/delorean.repo
sudo rm -rf /etc/yum.repos.d/delorean-current.repo
sudo rm -rf /etc/yum.repos.d/delorean-deps.repo
elif [ "$1" == "-master" ]; then
sudo yum -y install yum-plugin-priorities
sudo yum-config-manager --disable openstack-${RDO_RELEASE}
sudo curl -o /etc/yum.repos.d/delorean.repo http://trunk.rdoproject.org/centos7-liberty/current-passed-ci/delorean.repo
sudo curl -o /etc/yum.repos.d/delorean-current.repo http://trunk.rdoproject.org/centos7-liberty/current/delorean.repo
sudo sed -i 's/\[delorean\]/\[delorean-current\]/' /etc/yum.repos.d/delorean-current.repo
sudo curl -o /etc/yum.repos.d/delorean-deps.repo http://trunk.rdoproject.org/centos7-liberty/delorean-deps.repo
fi
# ensure the undercloud package is installed so we can build the undercloud
if ! rpm -q instack-undercloud > /dev/null; then
sudo yum install -y instack-undercloud
fi
# ensure openvswitch is installed
if ! rpm -q openvswitch > /dev/null; then
sudo yum install -y openvswitch
fi
# ensure libvirt is installed
if ! rpm -q libvirt-daemon-kvm > /dev/null; then
sudo yum install -y libvirt-daemon-kvm
fi
# ensure that no previous undercloud VMs are running
# and rebuild the bare undercloud VMs
ssh -T -o "StrictHostKeyChecking no" stack@localhost <<EOI
set -e
virsh destroy instack 2> /dev/null || echo -n ''
virsh undefine instack 2> /dev/null || echo -n ''
virsh destroy baremetalbrbm_0 2> /dev/null || echo -n ''
virsh undefine baremetalbrbm_0 2> /dev/null || echo -n ''
virsh destroy baremetalbrbm_1 2> /dev/null || echo -n ''
virsh undefine baremetalbrbm_1 2> /dev/null || echo -n ''
instack-virt-setup
EOI
# attach undercloud to the underlay network for
# baremetal installations
#if ! ovs-vsctl show | grep brbm; then
# ovs-vsctl add-port brbm em2
#fi
# let dhcp happen so we can get the ip
# just wait instead of checking until we see an address
# because there may be a previous lease that needs
# to be cleaned up
sleep 5
# get the undercloud ip address
UNDERCLOUD=$(grep instack /var/lib/libvirt/dnsmasq/default.leases | awk '{print $3}' | head -n 1)
# ensure that we can ssh to the undercloud
CNT=10
while ! ssh -T -o "StrictHostKeyChecking no" "root@$UNDERCLOUD" "echo ''" > /dev/null && [ $CNT -gt 0 ]; do
echo -n "."
sleep 3
CNT=CNT-1
done
# TODO fail if CNT=0
# yum repo, triple-o package and ssh key setup for the undercloud
ssh -T -o "StrictHostKeyChecking no" "root@$UNDERCLOUD" <<EOI
set -e
if ! rpm -q epel-release > /dev/null; then
yum install http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
fi
curl -o /etc/yum.repos.d/delorean.repo http://trunk.rdoproject.org/centos7-liberty/current-passed-ci/delorean.repo
curl -o /etc/yum.repos.d/delorean-current.repo http://trunk.rdoproject.org/centos7-liberty/current/delorean.repo
sed -i 's/\\[delorean\\]/\\[delorean-current\\]/' /etc/yum.repos.d/delorean-current.repo
echo "\\nincludepkgs=diskimage-builder,openstack-heat,instack,instack-undercloud,openstack-ironic,openstack-ironic-inspector,os-cloud-config,python-ironic-inspector-client,python-tripleoclient,tripleo-common,openstack-tripleo-heat-templates,openstack-tripleo-image-elements,openstack-tripleo-puppet-elements,openstack-tuskar-ui-extras,openstack-puppet-modules" >> /etc/yum.repos.d/delorean-current.repo
curl -o /etc/yum.repos.d/delorean-deps.repo http://trunk.rdoproject.org/centos7-liberty/delorean-deps.repo
yum install -y python-tripleoclient
cp /root/.ssh/authorized_keys /home/stack/.ssh/authorized_keys
chown stack:stack /home/stack/.ssh/authorized_keys
EOI
# install undercloud on Undercloud VM
ssh -o "StrictHostKeyChecking no" "stack@$UNDERCLOUD" "openstack undercloud install"
# make a copy of instack VM's definitions, and disk image
# it must be stopped to make a copy of its disk image
ssh -T -o "StrictHostKeyChecking no" stack@localhost <<EOI
set -e
echo "Shutting down instack to take snapshot"
virsh shutdown instack
echo "Waiting for instack VM to shutdown"
CNT=20
while virsh list | grep instack > /dev/null && [ $CNT -gt 0 ]; do
echo -n "."
sleep 5
CNT=CNT-1
done
if virsh list | grep instack > /dev/null; then
echo "instack failed to shutdown for copy"
exit 1
fi
echo "\nCopying instack disk image and starting instack VM."
virsh dumpxml baremetalbrbm_0 > baremetalbrbm_0.xml
virsh dumpxml baremetalbrbm_1 > baremetalbrbm_1.xml
cp -f /var/lib/libvirt/images/instack.qcow2 .
virsh dumpxml instack > instack.xml
#virsh vol-dumpxml instack.qcow2 --pool default > instack.qcow2.xml
virsh net-dumpxml brbm > brbm.xml
virsh start instack
EOI
# copy off the instack artifacts
echo "Copying instack files to build directory"
scp -o "StrictHostKeyChecking no" stack@localhost:baremetalbrbm_0.xml .
scp -o "StrictHostKeyChecking no" stack@localhost:baremetalbrbm_1.xml .
scp -o "StrictHostKeyChecking no" stack@localhost:instack.xml .
scp -o "StrictHostKeyChecking no" stack@localhost:brbm.xml .
scp -o "StrictHostKeyChecking no" stack@localhost:instack.qcow2 .
# start the instack VM back up to continue installation
echo "Waiting for instack VM to start"
CNT=10
while ! ping -c 1 "$UNDERCLOUD" > /dev/null && [ $CNT -gt 0 ]; do
echo -n "."
sleep 5
CNT=CNT-1
done
CNT=10
while ! ssh -T -o "StrictHostKeyChecking no" "root@$UNDERCLOUD" "echo ''" > /dev/null && [ $CNT -gt 0 ]; do
echo -n "."
sleep 3
CNT=CNT-1
done
# inject the already downloaded cloud image so it's not downloaded again
echo "Copying CentOS Cache to instack VM"
ssh -o "StrictHostKeyChecking no" "stack@$UNDERCLOUD" "mkdir .cache"
ssh -T -o "StrictHostKeyChecking no" stack@localhost "scp -r -o 'StrictHostKeyChecking no' /home/stack/.cache/image-create/CentOS-7-x86_64-GenericCloud* \"stack@$UNDERCLOUD\":.cache/"
# build the overcloud images
echo "Building overcloud images"
ssh -T -o "StrictHostKeyChecking no" "stack@$UNDERCLOUD" <<EOI
set -e
export DIB_YUM_REPO_CONF="/etc/yum.repos.d/delorean.repo /etc/yum.repos.d/delorean-current.repo /etc/yum.repos.d/delorean-deps.repo"
openstack overcloud image build --all
EOI
# copy off the built images
echo "Copying overcloud images"
if [ ! -d stack ]; then mkdir stack; fi
IMAGES="deploy-ramdisk-ironic.initramfs deploy-ramdisk-ironic.kernel"
#IMAGES+=" ironic-python-agent.initramfs ironic-python-agent.kernel ironic-python-agent.vmlinuz"
IMAGES+=" overcloud-full.initrd overcloud-full.qcow2 overcloud-full.vmlinuz"
IMAGES+=" fedora-user.qcow2 instackenv.json"
for i in $IMAGES; do
scp -o "StrictHostKeyChecking no" stack@$UNDERCLOUD:$i stack/
done
# move and Sanitize private keys from instack.json file
mv stack/instackenv.json instackenv-virt.json
sed -i '/pm_password/c\ "pm_password": "INSERT_STACK_USER_PRIV_KEY",' instackenv-virt.json
sed -i '/ssh-key/c\ "ssh-key": "INSERT_STACK_USER_PRIV_KEY",' instackenv-virt.json
# clean up the VMs
ssh -T -o "StrictHostKeyChecking no" stack@localhost <<EOI
set -e
virsh destroy instack 2> /dev/null || echo -n ''
virsh undefine instack 2> /dev/null || echo -n ''
virsh destroy baremetalbrbm_0 2> /dev/null || echo -n ''
virsh undefine baremetalbrbm_0 2> /dev/null || echo -n ''
virsh destroy baremetalbrbm_1 2> /dev/null || echo -n ''
virsh undefine baremetalbrbm_1 2> /dev/null || echo -n ''
EOI
|